Close
Enter your
text here
Posts By :

Doug Austin

eDiscovery Case Law: Major Tours v. Colorel

Yesterday, we took a look at “Rajala v. McGuire Woods”, Judge David Waxse’s opinion regarding the applicability of Federal Rule of Evidence 502(d) and (e) in McGuire Woods’ request for a clawback provision for privileged documents.

The holiday week look back at cases continues with Major Tours, Inc. v. Colorel, 2010 WL 2557250 (D.N.J. June 22, 2010), which addresses whether a party may obtain a Protective Order relieving it of the duty to access backup tapes, even when that party’s failure to issue a litigation hold resulted in the data only being available on those backup tapes.

Major Tours appealed a 2009 Magistrate Judge’s order concluding that certain backup tapes were not reasonably accessible under Rule 26(b)(2)(B) and that the plaintiffs had not shown good cause to require their production under the seven factor test set forth in the Advisory Committee Notes to Rule 26(b)(2)(B). The Magistrate Judge made this determination despite finding that the defendant, Michael Colorel, had not instituted adequate litigation hold notices until several years after the duty to preserve had attached.

Upon appeal to U.S. District Court Judge Jerome Simandle, Major Tours claimed that the Magistrate Judge had not given “appropriate weight to the defendants’ culpability for the emails being inaccessible, given that the reason for the increased cost of recovery was the defendants’ failure to institute a timely and effective litigation hold.” and also argued that a party cannot rely on Rule 26(b)(2)(B) if that party’s negligence caused the inaccessibility of the requested data in the first place.

Judge Simandle first addressed “whether, as a matter of law, a protective order under Rule 26(b)(2)(B) can ever be granted to a party when the evidence is inaccessible because of that party’s failure to institute a litigation hold” and concluded that “no such bright line rule exists.”, finding that Colorel’s culpability in failing to preserve the information did not override application of the multi-factor good cause test under Rule 26(b)(2)(B). Judge Simandle cited the decision in Disability Rights Council of Greater Washington v. Washington Metropolitan Transit, 242 F.R.D. 139 (D.D.C. 2007), in which Magistrate Judge John M. Facciola considered the same issue and “concluded that the proper approach was to balance the defendants’ culpability as one factor in the seven factor analysis.”  Judge Simandle noted that “The Rules compel exactly this discretionary balancing of costs and benefits of discovery, not a bright line requirement of production, no matter how burdensome, how likely to succeed, or how necessary to the litigation, if a party fails to adequately preserve every byte of previously accessible data.”

As to whether the magistrate judge adequately considered defendants’ culpability, Judge Simandle found that he did and affirmed his order, noting that considering the volume of evidence produced by Colorel, the backup tapes were “likely to produce evidence of only marginal, cumulative benefit and at great expense” and that “this outweighed the slim likelihood of the discovery of non-cumulative evidence even if there was some unknown degree of negligent spoliation.”

So, what do you think?  Is this the most significant eDiscovery case of 2010?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Case Law: Rajala v. McGuire Woods

Yesterday, we took a look at “Pension Committee”, Judge Shira Scheindlin’s significant opinion regarding the duty for plaintiffs (as well as defendants) to preserve ESI and sanctions for failing to live up to that duty.

The holiday week look back at cases continues with Rajala v. McGuire Woods LLP, (D. Kan. July 22, 2010), which addresses the applicability of Federal Rule of Evidence 502(d) and (e) in McGuire Woods’ request for a clawback provision for privileged documents.

As part of negotiations over an appropriate protective order covering the treatment of confidential information, defendant McGuire Woods drafted a proposed order that included a clawback provision. Plaintiff opposed inclusion of a clawback provision in the agreement, arguing that the protective order should not deal with privilege issues and that “[t]he parties are free to enter stipulations at other times over other discovery issues, including … waiver of privileges and clawbacks… There is no need to force the issue here.” The protective order was subsequently entered without a clawback provision. After further meet and confer sessions, plaintiff still would not enter into a clawback agreement, and defendant filed a motion for entry of a clawback provision.

Agreeing with defendant’s arguments, the Court held that both Federal Rule of Civil Procedure 26(f) and Federal Rule of Evidence 502 contemplated the use of clawback provisions and that “entry of an order containing a clawback provision is not dependent on the agreement of the parties.” Because of the extensive amount of ESI in the litigation, and because defendant is a law firm with thousands of clients and a high risk of potential inadvertent disclosure, the Magistrate Judge concluded that defendant had made the requisite showing of good cause for entry of a clawback provision:

“[T]his case is precisely the type of case that would benefit from a clawback provision. Such a provision will permit the parties to conduct and respond to discovery in an expeditious manner, without the need for time-consuming and costly pre-production privilege reviews, and at the same time preserve the parties’ rights to assert the attorney-client privilege or work product immunity.”

So, what do you think?  Is this the most significant eDiscovery case of 2010?  Please share any comments you might have or if you’d like to know more about a particular topic.

Case Summary Source: Sidley Austin LLP.

Disclaimer: The views represented herein are exclusively the views of the author, and do not necessarily represent the views held by CloudNine Discovery. eDiscoveryDaily is made available by CloudNine Discovery solely for educational purposes to provide general information about general eDiscovery principles and not to provide specific legal advice applicable to any particular circumstance. eDiscoveryDaily should not be used as a substitute for competent legal advice from a lawyer you have retained and who has agreed to represent you.

eDiscovery Case Law: Pension Committee

This holiday week, we’re taking a look back at some of the cases which have had the most significance (from an eDiscovery standpoint) of the year.  The first case we will look at is The Pension Committee of the Montreal Pension Plan v. Banc of America Securities, LLC, 29010 U.S. Dist. Lexis 4546 (S.D.N.Y. Jan. 15, 2010) (as amended May 28, 2010), commonly referred to as “Pension Committee”.

In “Pension Committee”, New York District Court Judge Shira Scheindlin defined negligence, gross negligence, and willfulness from an eDiscovery standpoint and cementing her status as the most famous “Judge Scheindlin” in New York (as opposed to “Judge Judy” Sheindlin, who spells her last name without a “c”).  Judge Scheindlin titled her 85-page opinion Zubulake Revisited: Six Years Later.  The

This case addresses preservation and spoliation requirements of the plaintiff and information which should have been preserved by the plaintiffs after the lawsuit was filed. Judge Scheindlin addresses in considerable detail, defining the levels of culpability — negligence, gross negligence, and willfulness in the electronic discovery context.

Issues that constituted negligence according to Judge Scheindlin’s opinion included:

  • Failure to obtain records from all employees (some of whom may have had only a passing encounter with the issues in the litigation), as opposed to key players;
  • Failure to take all appropriate measures to preserve ESI;
  • Failure to assess the accuracy and validity of selected search terms.

Issues that constituted gross negligence or willfulness according to Judge Scheindlin’s opinion included:

  • Failure to issue a written litigation hold;
  • Failure to collect information from key players;
  • Destruction of email or backup tapes after the duty to preserve has attached;
  • Failure to collect information from the files of former employees that remain in a party’s possession, custody, or control after the duty to preserve has attached.

The opinion also addresses 1) responsibility to establish the relevance of evidence that is lost as well as responsibility to prove that the absence of the missing material has caused prejudice to the innocent party, 2) a novel burden-shifting test in addressing burden of proof and severity of the sanction requested and 3) guidance on the important issue of preservation of backup tapes.

The result: spoliation sanctions against 13 plaintiffs based on their alleged failure to timely issue written litigation holds and to preserve certain evidence before the filing of the complaint.

Scheindlin based sanctions on the conduct and culpability of the spoliating party, regardless of the relevance of the documents destroyed, which has caused some to label the opinion as “draconian”.  In at least one case, Orbit One Communications Inc. v. Numerex Corp., 2010 WL 4615547 (S.D.N.Y. Oct. 26, 2010)., Magistrate Judge James C. Francis concluded that sanctions for spoliation must be based on the loss of at least some information relevant to the dispute.  It will be interesting to see how other cases refer to the Pension Committee case down the road.

So, what do you think?  Is this the most significant eDiscovery case of 2010?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Myth of SaaS Insecurity Finally Busted

Eleven years ago, when I first began talking to attorneys about hosting document collections online to manage the review and production process for discovery, the typical response that I got was “I would never consider putting my client’s documents online – it’s just not secure”.  Let’s face it – lawyers are not exactly early adopters of technology… 😉

These days, few folks seem to have that concern any more when it comes to putting sensitive data and documents online.  Many people bank online, buy items from Amazon and other “etailers”, share pictures and other personal information on Facebook, etc.  As for business data, SalesForce.com has become the top customer relationship management (CRM) application and many business users are using Google Docs to share documents with colleagues, as just two examples.

What do all of these applications have in common?  They are Software as a Service (SaaS) applications, delivering data and functionality via an online application.  As noted previously on this blog, a new IDC study forecasts the SaaS market to reach $40.5 billion by 2014, an annual growth rate of 25.3%.  Also by 2014, about 34% of all new business software purchases will be via SaaS applications, according to IDC.

SaaS review applications have also become increasingly popular in eDiscovery with several eDiscovery SaaS applications available that provide benefits including: no software to install, intuitive browser-based interfaces and ability to share the collection with your client, experts, and co-counsel without distributing anything more than a login.

As for security concerns, most litigators have come to accept that these systems are secure.  But, do they realize just how secure they are?

As an example, at Trial Solutions, the servers hosting data for our OnDemand® and FirstPass™ (powered by Venio FPR™) platforms are housed in a Tier 4 data center in Houston (which is where our headquarters is).  The security at this data center is military grade: 24 x 7 x 365 onsite security guards (I feel sorry for the folks who have to work this Saturday!), video surveillance, biometric and card key security required just to get into the building.  Not to mention a building that features concrete bollards, steel lined walls, bulletproof glass, and barbed wire fencing.  And, if you’re even able to get into the building, you then have to find the right server (in the right locked room) and break into the server security.  It’s like the movie Mission Impossible where Tom Cruise has to break into the CIA, except for the laser beams over the air vent (anyone who watches movies knows those can be easily thwarted by putting mirrors over them).  To replicate that level of security infrastructure would be cost prohibitive for even most large companies.

From the outside, SaaS applications secure data with login authentication and Secured Sockets Layer (SSL) encryption.  SSL encryption is like taking a piece of paper with text on it, scrambling the letters on that piece of paper and then tearing it up into many pieces and throwing the scraps into the wind.  To intercept a communication (one request to the server), you have to intercept all of the packets of a communication, then unscramble each packet individually and then reassemble them in the correct order.

Conversely, desktop review application data could be one stolen laptop away from being compromised.  No wonder why nobody talks about security concerns anymore with SaaS applications.

So, what do you think?  How secure is your document collection?  Please share any comments you might have or if you’d like to know more about a particular topic.

Happy Holidays from all of us at Trial Solutions and eDiscovery Daily!

eDiscovery Trends: Social Media in Litigation

Yesterday, we introduced the Virtual LegalTech online educational session Facing the Legal Dangers of Social Media and discussed what factors a social media governance policy should address.  To get background information regarding the session, including information about the speakers (Harry Valetk, Daniel Goldman and Michael Lackey), click here.

The session also addressed social media in litigation, discussing several considerations about social media, including whether it’s discoverable, how it’s being used in litigation, how to request it, how to preserve it, and how to produce it.  Between wall postings, status updates, personal photos, etc., there’s a lot of content out there and it’s just as discoverable as any other source of ESI – depending on its relevance to the case and the burden to collect, review and produce.  The relevance of privacy settings may be a factor in the discoverability of this information as at least one case, Crispin v. Christian Audigier, Inc.,(C.D. Cal. May 26, 2010), held that private email messaging on Facebook, MySpace and Media Temple was protected as private.

So, how is social media content being used in litigation?  Here are some examples:

  • Show Physical Health: A person claiming to be sick or injured at work who has photos on their Facebook profile showing them participating in strenuous recreation activities;
  • Discrimination and Harassment: Statements made online which can be considered discriminatory or harassing or if the person “likes” certain groups with “hate” agendas;
  • False Product Claims: Statements online about a product that are not true or verifiable;
  • Verify or Refute Alibis: Social media content (photos, location tracking, etc.) can verify or refute alibis provided by suspects in criminal cases;
  • Pre-Sentencing Reports: Social media content can support or refute claims of remorse – in one case, the convicted defendant was sentenced more harshly because of statements made online that refuted his statements of remorse in the courtroom;
  • Info Gathering: With so much information available online, you can gather information about opposing parties, witnesses, attorneys, judges, or even jurors.  In some cases, attorneys have paid firms to ensure that positive information will bubble to the top when jurors “Google” those attorneys.  And, in Ohio, at least, judges may not only have Facebook friends, but those friends can include attorneys appearing before them (interesting…).

If possible, request the social media content from your opponent as the third-party provider will probably fight having to provide the content, usually citing the Stored Communications Act.  As noted previously on this blog, Facebook and Twitter have guidelines for requesting data – through subpoena and law enforcement agencies.

Social media content is generally stored by third-party Software as a Service (SaaS) providers (Facebook and Twitter are examples of SaaS providers), so it’s important to be prepared to address several key eDiscovery issues to proactively prepare to be able to preserve and produce the data for litigation purposes, just as you would with any SaaS provider.

So, what do you think?  Has your organization been involved in litigation where social media content was requested?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Social Media Policies to Manage Risk

As noted previously, ALM hosted another Virtual LegalTech online “live” day online last week.  We’ve talked about the session regarding Predictive Coding here and here.

Another session from last week’s “live” day was Facing the Legal Dangers of Social Media.  The speakers for this session were:

  • Harry A. Valetk: Internet Safety and Consumer Privacy Attorney, MetLife Privacy Office;
  • Daniel S. Goldman: Chair of Mayo Clinic’s business law practice group which oversees the corporate law, contracting and intellectual property functions of the Mayo Clinic legal department.; and
  • Michael E. Lackey, Jr.: Partner and co-chair of the Electronic Discovery and Records Management Practice for Mayer Brown LLP.

Establishing boundaries between your professional life and personal life continues to be more challenging as more personal information is available online.  The session cited a handful of cases where terminations resulted from postings on individuals’ personal social media accounts, one of which was challenged by the National Labor Relations Board (NLRB).  At least one state has rules in place – Section 201-d(2)(c) of New York’s Labor Law protects “legal recreational activities” engaged off-site during nonworking hours.

An interesting stat from the session was that “27% of employed Internet users now work for employer[s] with policies about how they may present themselves online”.  As noted previously in this blog, having a social governance policy in place is a good idea to govern use of outside email, chat and social media that covers what employees should and should not do.  From the session, here are some factors that a good social governance policy should address:

  • Educate: The social governance policy should be accessible and all employees should receive training with examples that illustrate what may not be obvious to everybody,
  • Plan for Crises: The speed and reach of social media means that a crisis will happen fast.  Identify a crisis team and develop a plan to react quickly.  When disgruntled employees of Domino’s pizza posted a video, showing them tainting food, Domino’s management reacted quickly.
  • Plagiarize:  Yes, plagiarize.  As in, there are many good ideas already implemented out there for social governance, don’t reinvent the wheel.
  • Use of Social Media During Work: Some companies will try to ban the use of social media during work by banning access to sites via work computers, but employees can simply access those sites on mobile devices, so it’s better to establish an expectation of level of acceptable use.
  • Preserve Customer Privacy: Any policy must stress the importance of this.
  • Identify Company Spokespersons: Establish who can speak on behalf of the company and make clear to others to stress that any views they espouse online are personal views.
  • Address the Blurring of Boundaries: Employees should not exhibit inappropriate behavior on social media when identified as employees, and there should be no association with the employer for any behavior incompatible with the brand/profession.
  • Business Confidentiality: Don’t discuss trade secrets or other confidential information online.  Even posting that you’re attending a meeting with a company that you’re negotiating with can violate NDA agreements.
  • Prohibit Employees from Speaking Anonymously: It’s considered unethical at best and may be an FTC violation at worst as John Mackey, Whole Foods CEO, found out back in 2007.
  • Don’t Harass: If it’s unacceptable behavior in the workplace, it’s unacceptable online.  Not to mention gutless.  And, employers can be liable if they’re aware of harassing behavior online and don’t act to address it.

Tomorrow, we’ll discuss the discoverability and use of social media content in litigation.  As noted with the predictive coding session, you can check out a replay of the session at the Virtual LegalTech site. You’ll need to register – it’s free – then login and go to the CLE Center Auditorium upon entering the site (which is up all year, not just on “live days”).  Scroll down until you see this session and then click on “Attend Now” to view the replay presentation.  You can also go to the Resource Center at the site and download the slides for the presentation.

So, what do you think?  Does your organization have a social media policy in place?  Please share any comments you might have or if you’d like to know more about a particular topic.

State eDiscovery Rules: States without eDiscovery Rules Changes

Last month, we noted how Oklahoma was the latest state to adopt new amendments to their Rules of Civil Procedure to address discovery of electronically stored information (ESI).  At the beginning of the new year, Wisconsin becomes the latest state to adopt eDiscovery rules (more to come on that in an upcoming blog post).

At that point, 37 out of 51 states (we’re considering District of Columbia a “state” for this consideration) will have adopted at least some procedural rules which address eDiscovery issues.  One of those states, Washington, has only enacted rules that address the non-waiver of the attorney-client privilege and attorney work product.

That leaves 14 states (including DC) that have not enacted any rules changes that address discovery of ESI.  They are (with current status, if known – at this point, most of these states have no available status information on eDiscovery adoption):

  • Colorado: The Colorado Supreme Court Committee on Rules of Civil Procedure reported in January 2008 no need for e-discovery rule amendments.  A limited pilot program involving only complex business and medical malpractice cases is reportedly being considered for district courts in the Denver area.
  • District of Columbia: The DC Court of Appeals has stayed the requirement that the Superior Court adhere to the Federal Rules (D.C. Code § 11-946) to enable the Superior Court and its advisory committee time to revise the local rules for eDiscovery. In November 2010, revisions were approved by the Superior Court and transferred to the Court of Appeals for final approval.
  • Georgia
  • Hawaii
  • Kentucky
  • Massachusetts: The eDiscovery subcommittee of the Supreme Judicial Court Rules Advisory Committee has finished a draft of eDiscovery rules which will be reportedly submitted to the entire Advisory Committee. If approved, it would then be published for comment. ESI has long been recognized as subject to discovery as a document, which is defined to include “data compilations.” See 49 Mass. Prac., Discovery § 7:1 (Electronic Discovery – Generally).
  • Missouri
  • Nevada
  • Oregon: On September 11, 2010, the Council on Court Procedures of the Oregon Supreme Court has released for public comment a limited proposal regarding electronic discovery.  After opportunity for comment, the proposal will be submitted to the Oregon Legislature for action, with enactment taking effect no earlier than January 1, 2012.
  • Pennsylvania
  • Rhode Island
  • South Carolina
  • South Dakota
  • West Virginia

It will be interesting to see how these remaining states progress and if any of them enact any eDiscovery rules in 2011.

So, what do you think?  Wondering what rules each of the other states have adopted?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: Predictive Coding Strategy and Survey Results

Yesterday, we introduced the Virtual LegalTech online educational session Frontiers of E-Discovery: What Lawyers Need to Know About “Predictive Coding” and defined predictive coding while also noting the two “learning” methods that most predictive coding mechanisms use to predict document classifications.  To get background information regarding the session, including information about the speakers (Jason Baron, Maura Grossman and Bennett Borden), click here.

The session also focused on strategies for using predictive coding and results of the TREC 2010 Legal Track Learning Task on the effectiveness of “Predictive Coding” technologies.  Strategies discussed by Bennett Borden include:

  • Understanding the technology used by a particular provider:  Not only will supervised and active learning mechanisms often yield different results, but there are differing technologies within each of these learning mechanisms.
  • Understand the state of the law regarding predictive coding technology: So far, there is no case law available regarding use of this technology and, while it may eventually be the future of document review, that has yet to be established.
  • Obtain buy-in by the requesting party to use predictive coding technology: It’s much easier when the requesting party has agreed to your proposed approach and that agreement is included in an order of the court which covers the approach and also includes a FRE 502 “clawback” agreement and order.  To have a chance to obtain that buy-in and agreement, you’ll need a diligent approach that includes “tiering” of the collection by probable responsiveness and appropriate sampling of each tier level.

Maura Grossman then described TREC 2010 Legal Track Learning Task on the effectiveness of “Predictive Coding” technologies.  The team took the EDRM Enron Version 2 Dataset of 1.3 million public domain files, deduped it down to 685,000+ unique files and 5.5 GB of uncompressed data.  The team also identified eight different hypothetical eDiscovery requests for the test.

Participating predictive coding technologies were then given a “seed set” of roughly 1,000 documents that had previously been identified by TREC as responsive or non-responsive to each of the requests. Using this information, participants were required to rank the documents in the larger collection from most likely to least likely to be responsive, and estimate the likelihood of responsiveness as a probability for each document.  The study ranked the participants on recall rate accuracy based on 30% of the collection retrieved (200,000 files) and also on the predicted recall to determine a prediction accuracy.

The results?  Actual recall rates for all eight discovery requests ranged widely among the tools from 85.1% actual recall down to 38.2% (on individual requests, the range was even wider – as much as 82% different between the high and the low).  The prediction accuracy rates for the tools also ranged somewhat widely, from a high of 95% to a low of 42%.

Based on this study, it is clear that these technologies can differ significantly on how effective and efficient they are at correctly ranking and categorizing remaining documents in the collection based on the exemplar “seed set” of documents.  So, it’s always important to conduct sampling of both machine coded and human coded documents for quality control in any project, with or without predictive coding (we sometimes forget that human coded documents can just as often be incorrectly coded!).

For more about the TREC 2010 Legal Track study, click here.  As noted yesterday, you can also check out a replay of the session or download the slides for the presentation at the Virtual LegalTech site.

Full Disclosure: Trial Solutions provides predictive coding services using Hot Neuron LLC’s Clustify™, which categorizes documents by looking for similar documents in the exemplar set that satisfy a user-specified criteria, such as a minimum conceptual similarity or near-duplicate percentage.

So, what do you think?  Have you used predictive coding on a case?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Trends: What the Heck is “Predictive Coding”?
 

Yesterday, ALM hosted another Virtual LegalTech online "live" day online.  Every quarter, theVirtual LegalTech site has a “live” day with educational sessions from 9 AM to 5 PM ET, most of which provide CLE credit in certain states (New York, California, Florida, and Illinois).

One of yesterday’s sessions was Frontiers of E-Discovery: What Lawyers Need to Know About “Predictive Coding”.  The speakers for this session were:

Jason Baron: Director of Litigation for the National Archives and Records Administration, a founding co-coordinator of the National Institute of Standards and Technology’s Text Retrieval Conference (“TREC”) legal track and co-chair and editor-in-chief for various working groups for The Sedona Conference®;

Maura Grossman: Counsel at Wachtell, Lipton, Rosen & Katz, co-chair of the eDiscovery Working Group advising the New York State Unified Court System and coordinator of the 2010 TREC legal track; and

Bennett Borden: co-chair of the e-Discovery and Information Governance Section at Williams Mullen and member of Working Group I of The Sedona Conference on Electronic Document Retention and Production, as well as the Cloud Computing Drafting Group.

This highly qualified panel discussed a number of topics related to predictive coding, including practical applications of predictive coding technologies and results of the TREC 2010 Legal Track Learning Task on the effectiveness of “Predictive Coding” technologies.

Before discussing the strategies for using predictive coding technologies and the results of the TREC study, it’s important to understand what predictive coding is.  The panel gave the best descriptive definition that I’ve seen yet for predictive coding, as follows:

“The use of machine learning technologies to categorize an entire collection of documents as responsive or non-responsive, based on human review of only a subset of the document collection. These technologies typically rank the documents from most to least likely to be responsive to a specific information request. This ranking can then be used to “cut” or partition the documents into one or more categories, such as potentially responsive or not, in need of further review or not, etc.”

The panel used an analogy for predictive coding by relating it to spam filters that review and classify email and learn based on previous classifications which emails can be considered “spam”.  Just as no spam filter perfectly classifies all emails as spam or legitimate, predictive coding does not perfectly identify all relevant documents.  However, they can “learn” to identify most of the relevant documents based on one of two “learning” methods:

  • Supervised Learning: a human chooses a set of “exemplar” documents that feed the system and enable it to rank the remaining documents in the collection based on their similarity to the exemplars (e.g., “more like this”);
  • Active Learning: the system chooses the exemplars on which human reviewers make relevancy determinations, then the system learns from those classifications to apply to the remaining documents in the collection.

Tomorrow, I “predict” we will get into the strategies and the results of the TREC study.  You can check out a replay of the session at theVirtual LegalTech site. You’ll need to register – it’s free – then login and go to the CLE Center Auditorium upon entering the site (which is up all year, not just on "live days").  Scroll down until you see this session and then click on “Attend Now” to view the replay presentation.  You can also go to the Resource Center at the site and download the slides for the presentation.

So, what do you think?  Do you have experience with predictive coding?  Please share any comments you might have or if you’d like to know more about a particular topic.

eDiscovery Tips: SaaS and eDiscovery – More Top Considerations

Friday, we began talking about the article regarding Software as a Service (SaaS) and eDiscovery entitled Top 7 Legal Things to Know about Cloud, SaaS and eDiscovery on CIO Update.com, written by David Morris and James Shook from EMC.  The article, which relates to storage of ESI within cloud and SaaS providers, can be found here.

The article looks at key eDiscovery issues that must be addressed for organizations using public cloud and SaaS offerings for ESI, and Friday’s post looked at the first three issues.  Here are the remaining four issues from the article (requirements in bold are quoted directly from the article):

4. What if there are technical issues with e-discovery in the cloud?  The article discusses how identifying and collecting large volumes of data can have significant bandwidth, CPU, and storage requirements and that the cloud provider may have to do all of this work for the organization.  It pays to be proactive, determine potential eDiscovery needs for the data up front and, to the extent possible, negotiate eDiscovery requirements into the agreement with the cloud provider.

5. If the cloud/SaaS provider loses or inadvertently deletes our information, aren’t they responsible? As noted above, if the agreement with the cloud provider includes eDiscovery requirements for the cloud provider to meet, then it’s easier to enforce those requirements.  Currently, however, these agreements rarely include these types of requirements.  “Possession, custody or control” over the data points to the cloud provider, but courts usually focus their efforts on the named parties in the case when deciding on spoliation claims.  Sounds like a potential for third party lawsuits.

6. If the cloud/SaaS provider loses or inadvertently deletes our information, what are the potential legal ramifications?  If data was lost because of the cloud provider, the organization will probably want to establish that they’re not at fault. But it may take more than establishing who deleted the data. – the organization may need to demonstrate that it acted diligently in selecting the provider, negotiating terms with established controls and notifying the provider of hold requirements in a timely manner.  Even then, there is no case law guidance as to whether demonstrating such would shift that responsibility and most agreements with cloud providers will limit potential damages for loss of data or data access.

7. How do I protect our corporation from fines and sanction for ESI in the cloud?  The article discusses understanding what ESI is potentially relevant and where it’s located.  This can be accomplished, in part, by creating a data map for the organization that covers data in the cloud as well as data stored within the organization.  Again, covering eDiscovery and other compliance requirements with the provider when negotiating the initial agreement can make a big difference.  As always, be proactive to minimize issues when litigation strikes.

Let’s face it, cloud and SaaS solutions are here to stay and they are becoming increasingly popular for organizations of all sizes to avoid the software and infrastructure costs of internal solutions.  Being proactive and including corporate counsel up front in decisions related to SaaS selections will enable your organization to avoid many potential problems down the line.

So, what do you think?  Does your company have mechanisms in place for discovery of your cloud data?  Please share any comments you might have or if you’d like to know more about a particular topic.